The Inverse Team is pleased to announce the immediate availability of
PacketFence 3.3.0. This is a major release with new features, new
hardware support, enhancements, bug fixes and updated translations. This
release is considered ready for production use.

=== What is PacketFence ? ===

PacketFence is a fully supported, trusted, Free and Open Source Network
Access Control (NAC) solution. Boasting an impressive feature set,
PacketFence can be used to effectively secure small to very large
heterogeneous networks.

Among the features provided by PacketFence, there are:

 * Powerful BYOD (Bring Your Own Device) workflows
 * Simple and efficient guests management
 * Multiple enforcement methods with Role-Based Access Control (RBAC)
 * Compliance checks for computers present on your network
 * Integration with various vulnerability scanners and intrusion
detection solutions
 * Bandwidth accounting for all devices

A complete overview of the solution is available from

=== Changes Since Previous Release ===

New Hardware
 * AlliedTelesis AT8000GS Switches using 802.1x/Mac Authentication
without VoIP
 * Added 802.1X/MAC Authentication support for HP 2500/2600 switches (no
 * Cisco WLC/WiSM product line now supports RADIUS Disconnect (RFC3576)
to perform de-authentication

New Features
 * Introduction of Role-based Access Control. Supported on AeroHIVE,
Aruba, Meru and Motorola (initial implementation)
 * Wireless de-authentication in Master / Local configuration supported
for Aruba controllers (or other Disconnect-Message implementations)
 * New guest self-registration mode: Sponsored. Guests accesses are
approved through a 'sponsor'
 * New guest self-registration option: Pre-registered guests. They can
register in advance through the portal. Email and sponsor modes
supported right now

 * New database-driven custom VLAN assignment strategy example
 * Slightly more helpful
 * Added a virtual IP (vip) parameter for interfaces in configuration
which overrides auto-detection (#1396)
 * More logging
 * Simplified inline mode with DNS rewrite (DNAT). Fixes several issues
and annoyances. (#1374, #1387)
 * New parameter available to control what information is mandatory to
be provided by a guest signing-up
 * New parameter available to control default field to use as pid for
guests (guests_self_registration.guest_pid)
 * Node categories were moved from node into configuration on the Web Admin
 * New per-category configuration to control maximum number of devices
allowed per user (max_nodes_per_pid)
 * Daemon startup time logged. Allows for easier troubleshooting of
slow-to-restart setups.
 * if VoIP is configured to be enabled and the network hardware doesn't
support it, PacketFence will log a warning
 * Firewall and Captive Portal more restrictive by default if you are
not using guest access
 * Performance improvement for the RADIUS accouting (#1414)
 * New hook to make it easier to rewrite RADIUS Access-Accept packets

Bug Fixes
 * Proxy Bypass issues in environment with Virtual IP (#1385)
 * Cisco 2950 802.1X Reauthenticate without VoIP issue (#1388)
 * RADIUS identity privacy fix (#1390)
 * Cisco MAB EAP was not properly working (#1391)
 * CoA RADIUS secret is lower cased (#1392)
 * Username length on the Web Admin is no longer limited to 15 characters
 * Potential (not-validated) cross-site scripting (XSS) in captive portal
 * Mandatory MAC lookup in the self-registered guests pages
 * Cancel button problems on SMS confirmation page (#1393)
 * Documented the fact that you need to configure credentials in for Statement of Health (SoH) support
 * Fixed port-security + VoIP support for the HP wired product line
 * Minor Administration Guide updates
 * Fixed CSS for mobiles devices
 * This is the last release to destroy your dhcpd lease file on upgrades

 * Updated Brazilian Portuguese (pt_BR) translation (Thanks to Diego de
Souza Lopes)

... and more. See the ChangeLog file for the complete list of changes
and the UPGRADE file for notes about upgrading. Both files are in the
PacketFence distribution.

=== Getting PacketFence ===

PacketFence is free software and is distributed under the GNU GPL. As
such, you are free to download and try it by either getting the new
release from:

or by getting the sources from the official monotone server using the
instructions at

Documentation about the installation and configuration of PacketFence is
available from:

=== How Can I Help ? ===

PacketFence is a collaborative effort in order to create the best Free
and Open Source NAC solution. There are multiple ways you can contribute
to the project:

 * Documentation reviews, enhancements and translations
 * Feature requests or by sharing your ideas
 * Participate in the discussion on mailing lists
 * Patches for bugs or enhancements
 * Provide new translations of remediation pages

=== Getting Support ===

For any questions, do not hesitate to contact us by writing to

You can also fill our online form
( and a representative from
Inverse will contact you.

Inverse offers professional services to organizations willing to secure
their wired and wireless networks with the PacketFence solution.

Olivier Bilodeau  ::  +1.514.447.4918 *115  ::
Inverse inc. :: Leaders behind SOGo ( and PacketFence

For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
Packetfence-announce mailing list

Reply via email to